Flask-LDAPConn

Release 0.10.1

Pure python, LDAP connection and ORM for Flask Applications

Homepage Repository PyPI Python

Keywords
flask, ldap, ldap3, orm
License
BSD-3-Clause
Install
pip install Flask-LDAPConn==0.10.1

Documentation

Flask-LDAPConn

https://travis-ci.org/rroemhild/flask-ldapconn.svg?branch=master

Flask-LDAPConn is a Flask extension providing ldap3 (an LDAP V3 pure Python client) connection for accessing LDAP servers.

To abstract access to LDAP data this extension provides a simple ORM model.

Installation

pip install flask-ldapconn

Configuration

Your configuration should be declared within your Flask config. Sample configuration:

import ssl

LDAP_SERVER = 'localhost'
LDAP_PORT = 389
LDAP_BINDDN = 'cn=admin,dc=example,dc=com'
LDAP_SECRET = 'forty-two'
LDAP_CONNECT_TIMEOUT = 10  # Honored when the TCP connection is being established
LDAP_USE_TLS = True  # default
LDAP_REQUIRE_CERT = ssl.CERT_NONE  # default: CERT_REQUIRED
LDAP_TLS_VERSION = ssl.PROTOCOL_TLSv1_2  # default: PROTOCOL_TLSv1
LDAP_CERT_PATH = '/etc/openldap/certs'

If you want to always get any entry attribute value as a list, instead of a string if only one item is in the attribute list, then set:

FORCE_ATTRIBUTE_VALUE_AS_LIST = True

Default is False and will return a string if only one item is in the attribute list.

Setup

Create the LDAP instance in your application.

from flask import Flask
from flask_ldapconn import LDAPConn

app = Flask(__name__)
ldap = LDAPConn(app)

Client sample

from flask import Flask
from flask_ldapconn import LDAPConn
from ldap3 import SUBTREE

app = Flask(__name__)
ldap = LDAPConn(app)

@app.route('/')
def index():
    ldapc = ldap.connection
    basedn = 'ou=people,dc=example,dc=com'
    search_filter = '(objectClass=posixAccount)'
    attributes = ['sn', 'givenName', 'uid', 'mail']
    ldapc.search(basedn, search_filter, SUBTREE,
                 attributes=attributes)
    response = ldapc.response

User model samples

from flask import Flask
from flask_ldapconn import LDAPConn

app = Flask(__name__)
ldap = LDAPConn(app)

class User(ldap.Entry):

    base_dn = 'ou=people,dc=example,dc=com'
    object_classes = ['inetOrgPerson']

    name = ldap.Attribute('cn')
    email = ldap.Attribute('mail')
    userid = ldap.Attribute('uid')
    surname = ldap.Attribute('sn')
    givenname = ldap.Attribute('givenName')

with app.app_context():

    # get a list of entries
    entries = User.query.filter('email: *@example.com').all()
    for entry in entries:
        print u'Name: {}'.format(entry.name)

    # get the first entry
    user = User.query.filter('userid: user1').first()

    # new entry
    new_user = User(
        name='User Three',
        email='user3@example.com',
        userid='user3',
        surname='Three',
        givenname='User'
    )
    new_user.save()

    # modify entry
    mod_user = User.query.filter('userid: user1').first()
    mod_user.name = 'User Number Three'
    mod_user.email.append.('u.three@example.com')
    mod_user.givenname.delete()
    mod_user.save()

    # remove entry
    rm_user = User.query.filter('userid: user1').first()
    rm_user.delete()

    # authenticate user
    auth_user = User.query.filter('userid: user1').first()
    if auth_user:
        if auth_user.authenticate('password1234'):
            print('Authenticated')
        else:
            print('Wrong password')

Authenticate with Client

from flask import Flask
from flask_ldapconn import LDAPConn

app = Flask(__name__)
ldap = LDAPConn(app)

username = 'user1'
password = 'userpass'
attribute = 'uid'
search_filter = ('(active=1)')

with app.app_context():
    retval = ldap.authenticate(username, password, attribute,
                               basedn, search_filter)
    if not retval:
        return 'Invalid credentials.'
    return 'Welcome %s.' % username

Bind as user

To bind as user for the current request instance a new connection from flask.g.ldap_conn:

g.ldap_conn = ldap.connect(userdn, password)
user = User.query.get(userdn)

Unit Test

I use a simple Docker image to run the tests on localhost. The test file test_flask_ldapconn.py tries to handle start and stop of the docker container:

pip install docker-py
docker pull rroemhild/test-openldap
python test_flask_ldapconn.py

Run the docker container manual:

docker run --privileged -d -p 389:389 --name flask_ldapconn rroemhild/test-openldap
DOCKER_RUN=False python test_flask_ldapconn.py

Unit test with your own settings from a file:

LDAP_SETTINGS=my_settings.py python test_flask_ldapconn.py

Contribute

  1. Check for open issues or open a fresh issue to start a discussion around a feature idea or a bug.
  2. Fork the repository on Github to start making your changes.
  3. Write a test which shows that the bug was fixed or that the feature works as expected.
  4. Send a pull request and bug the maintainer until it gets merged and published.

Stats

Dependencies
3
Dependent packages
1
Dependent repositories
4
Total releases
32
Latest release
First release
Stars
54
Forks
30
Watchers
2
Contributors
11
Repository size
174 KB
SourceRank
10

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

0.5
0.10.1
0.10.0
0.9.0
0.8.0
0.7.2
0.7.1
0.7.0
0.6.13
0.6.12
See all 32 releases

Contributors

Rafael Römhild Dominik George Alexei Margasov Bartosz Marcinkowski Robert Wikman dependabot[bot] Andreas 'count' Kotes Roland Matthias Tafelmeier HAMANO Tsukasa


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2021-12-15 16:50:44 UTC

Login to resync this project